Blog

Blog

Top 7 Technical Resource Providers for ICS Security Professionals

Attacks against industrial control systems (ICS) are on the rise. Cyberattacks are more prevalent, creative, and faster than ever. So, understanding attackers' tactics is crucial. The IBM Security X-Force Threat Intelligence Index 2023 highlights that backdoor deployments enabling remote access to ICS systems were the most common type of attacker...
Blog

Understanding the Key Differences Between FIM and EDR

File integrity monitoring (FIM) and endpoint detection and response (EDR) are two cybersecurity solutions that are often foundational aspects of organizations’ security strategies. EDR is implemented in order to stop known and unknown threats at endpoints, often with advanced functions such as behavioral monitoring and analysis, antivirus protection...
Blog

VERT Threat Alert: May 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s May 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1106 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-30040 Up first this month, we have a security feature bypass in MSHTML. More specifically, we have an Object...
Blog

Insider Threats Maintain a Rising Trend

“When the cat’s away, the mouse will play,” the old adage goes. Filings to anti-fraud non-profit Cifas would support that claim, as Insider Threat Database (ITD) reports rose by 14% this past year and are largely attributable to hard-to-monitor work-from-home employees mixed with “increasing financial pressures.” The report details further incidents...
Blog

The Importance of Passive Asset Discovery

It’s the fifth requirement in CIS Control 1: Use a passive asset discovery tool. Sounds simple enough. But what does it mean? And what, specifically, makes it so important that it became one of the first five requirements of the widely applied CIS Controls used by so many organizations to establish their most basic levels of cyber hygiene? The...
Blog

The World Cybercrime Index: What is it and why is it important?

Cybercriminals are notoriously tricky to pin down. They are experts in obfuscation and misdirection, masters of avoiding consequences. Not since the early days of the Wild West have criminals managed to evade capture and maintain anonymity as effectively as modern cybercriminals do. Part of the reason for these staggeringly low conviction rates...
Blog

Hey, You. Get Off of My Cloud

The Rolling Stones wanted to protect their space; we, as security practitioners, need to protect ours. Data 'castles' in the cloud are out there, and they're constantly under siege. By drawing inspiration from a band that embodied personal freedom, we can draw some – okay, very stretched - parallels to modern cloud security. Nonetheless, they work....
Blog

ANSI and the International Society of Automation Explained

As technologies advance and the world grows more complicated, collaboration and coordination have become increasingly important. Setting standards, sharing information, and bringing experts together are essential to safely developing technologies for national and global priorities, and the world needs organizations to fulfill this role. The...
Blog

Why Is Cyber Resilience Essential and Who's Responsible for It?

In the first installment of our series on cyber resilience, we discussed what being a resilient organization means. In this installment, we'll explore why organizations need to consider how to become resilient, who's responsible for achieving this, and the processes organizations must have to prioritize actions and effectively spend their budgets. ...
Blog

Being Cybersmart is Always in Style

In 2022, the Security team at Microsoft published a cybersecurity awareness campaign named “#BeCyberSmart”. Even though that was two years ago, the same best practices still apply. Cybersecurity is an important part of our daily lives and can enable us to accomplish more while keeping our data and identity protected. Be CyberSmart Security starts...
Blog

The Impact of NIST SP 800-171 on SMBs

From more broad laws like GDPR to industry-specific regulations like HIPAA, most organizations today must comply with some kind of data protection guideline. Some businesses may even have to comply with numerous data protection regulations. As such, compliance with data protection regulations has become increasingly complicated. National Institute...
Blog

Ensuring Privacy in the Age of AI: Exploring Solutions for Data Security and Anonymity in AI

With the widespread use of AI technology, numerous AI models gather and process vast amounts of data, much of which comprises personal information utilized to offer personalized experiences. However, this abundance of data poses inherent risks, particularly in terms of privacy and security. As AI systems become more sophisticated, the potential for...
Blog

Vulnerability Scanning vs. Penetration Testing

In the modern digital landscape, cybersecurity is paramount, making the differentiation between vulnerability scanning and penetration testing essential for safeguarding organizational assets. Vulnerability scanning offers a broad sweep for potential security weaknesses, serving as an early warning system. Penetration testing takes a more targeted...
Blog

Tripwire Patch Priority Index for April 2024

Tripwire's April 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. Firsts on the list are patches for Microsoft Edge (Chromium-based) and Chromium that resolve 2 spoofing vulnerabilities. Next on the patch priority list this month is a patch for Microsoft Office and Excel that resolves spoofing and remote...
Blog

Cybersecurity: The Battle of Wits

With cybersecurity, the digital battlegrounds stretch across the vast expanse of the internet. On the one side, we have increasingly sophisticated and cunning adversaries. On the other, skilled cybersecurity practitioners who are desperate to protect their companies’ assets at all costs. One fundamental truth rings clear: it’s an ongoing and...
Blog

Defending Against Supply Chain Spoofing in Critical Manufacturing

Supply chain attacks are a serious and growing threat to businesses across all industries. However, these attacks pose an even greater risk for manufacturers in critical infrastructure sectors. One pernicious form of supply chain attack is spoofing, where attackers impersonate legitimate suppliers to sneak malicious code or components into products...
Blog

DMARC - The Next Step in Email Hygiene and Security

In 1971, Ray Tomlison developed the first email service while working at The Defense Advanced Research Projects Agency (DARPA). This development changed how we communicated. However, even though this was an exceptional tool, it was not very user-friendly, requiring users to have specific software installed on their computers. In 1996, Sabeer...
Blog

Machines vs Minds: The Power of Human Ingenuity Against Cyber Threats

Most people remember the iconic movie Terminator, in which the cyborg T-800 was dispatched back in time from the year 2029 with the mission to eliminate Sarah Connor. She was destined to give birth to the future leader of the human resistance against machines, thus threatening their dominance. If Sarah were killed, humanity's fate would be sealed,...